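<p>The Honeynet Project - visualization: <a href="http://www.honeynet.org/taxonomy/term/25/0">http://www.honeynet.org/taxonomy/term/25/0</a></p>
<p><strong><a href="http://www.honeynet.org/node/960">HoneyMap - Visualizing Worldwide Attacks in Real-Time</a></strong></p>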
<p><a href="/node/960"><img src="http://www.honeynet.org/sites/default/files/files/images/honeymap.preview.png" width="640" height="358" alt="HoneyMap Screenshot" title="HoneyMap Screenshot" /></a></p>
<p>The HoneyMap shows a real-time visualization of attacks against the Honeynet Project's sensors deployed around the world. It leverages the internal data sharing protocol <a href="https://github.com/rep/hpfeeds">hpfeeds</a> as its data source. Read this post to learn about the technical details and frequently asked questions. Before going into explanations, take a look at the map itself: <a href="http://map.honeynet.org/">map.honeynet.org</a>!</p>
<p><a href="http://www.honeynet.org/node/960" target="_blank">read more</a></p>
<p>Tags: honeymap, honeypot, visualization, worldmap, Giraffe Chapter<br />
Posted Mon, 01 Oct 2012 14:51:45 +0000 by mark.schloesser</p>
<p><strong><a href="http://www.honeynet.org/node/920">First release from Network Analyzer project</a></strong></p>
<p>Hi everyone, I am announcing an initial release of the <a href="https://www.honeynet.org/gsoc/slot13">Ovizart, Network Analyzer Project</a>. Ovizart (OV - Open VİZual Analysis foR network Traffic) is a web-based application that will let users upload captured traffic in PCAP format, analyze the traffic, and present the traffic in an intuitive manner. The current development branch is located on GitHub: <a href="https://github.com/oguzy/ovizart">https://github.com/oguzy/ovizart</a>.</p>
<p><a href="http://www.honeynet.org/node/920" target="_blank">read more</a></p>
<p>Tags: traffic analyze, visualization<br />
Posted Sun, 19 Aug 2012 19:23:30 +0000 by oguz.yarimtepe</p>
<p><strong><a href="http://www.honeynet.org/node/812">Congratulations to the winners of Forensic Challenge FC10 - Attack Visualization!</a></strong></p>
<p>While the quantity of submissions for FC10 was lower than usual - we had expected this because of the amount of work required to submit plus being over the Christmas break - the quality of the solutions was really inspiring. </p>
<p>Of course the hardest part was deciding the winners, and as expected the traditional scoring method was not ideal for this type of challenge because the challenge was about creating and developing ideas, rather than just answering a number of dry questions. Quite a few people used the challenge not so much to win a prize, but to have fun, develop an idea they've had, practice on some real datasets, learn, and teach. This was exactly the spirit we'd hoped for, so thanks to everyone for putting in a big effort.</p>
<p>The Winners and their solutions:<br />
<strong>Fabian Fischer</strong> - <a href="http://honeynet.org/files/Fabian_Fischer_-_Forensic_Challenge_2011_-_Challenge_10.pdf">solution</a></p>
<p><strong>Chris Horsley</strong> - <a href="http://honeynet.org/files/1327239365_hn_vis_chorsley.zip">solution</a></p>
<p><strong>Fraser Scott</strong> - <a href="http://honeynet.org/files/1327193551_logvis_Fraser_Scott.zip">solution</a></p>
<p><strong>Dan Gleebits</strong> - <a href="http://honeynet.org/files/1323998682_fc10HoneynetChallengeSubmissionDanGleebits.pdf">solution</a></p>
<p><strong>Johnathan Tracz</strong> - <a href="http://honeynet.org/files/1323732877_Forensic_Report_Johnathon_Tracz.zip">solution</a></p>
<p>The standout theme in the submissions for me was the use of interactive and flexible tools to analyse the data. As we move further into the big data world, it's going to be imperative to get inside the data interactively to understand it. Some of the solutions focused on developing brand new applications/frameworks to interactively analyse data sets - check out the submissions from Fabian and Chris as really good examples of this. Fraser, meanwhile, put forward the idea of rendering images in 3D - which is not that far-out an idea actually, why not?!</p>
<p>We hope that this challenge was enjoyable for those who participated, and for those downloading the submissions for inspiration. These challenges have a long legacy; we see people downloading, attempting and referencing these challenges and the solutions for education purposes years afterwards, so they are an important program at the Honeynet Project.</p>
<p>It would be great to see solutions to future forensic challenges use visualization, not only to analyse and detect trends, but also to describe the problem space to the layperson. With that said - the next Forensic Challenge, FC11, should be released shortly - so stay tuned.</p>
<p>And lastly, if anyone wants to develop their ideas further, a good way (i.e. get paid if you are accepted!) is to get involved in our upcoming <a href="http://www.honeynet.org/gsoc2012">Google Summer of Code program GSOC12</a></p>
<p><a href="http://www.honeynet.org/node/812" target="_blank">read more</a></p>
<p>Tags: FC10, Forensic Challenge, visualization, Australian Chapter<br />
Posted Thu, 16 Feb 2012 10:36:13 +0000 by ben.reardon</p>
<p><strong><a href="http://www.honeynet.org/node/502">Italian Chapter updates</a></strong></p>
<p>Folks,</p>
<p>I would like to inform you all about our recent activities that we are attempting to achieve.</p>
<p>First of all, we have totally rebuilt our <a title="The Italian Honeynet Project" href="http://www.honeynet.it">web site</a>. The new one aims to be a central repository of all the (external/internal) news concerning botnets (mainly) and malware (secondary).<br />
We will use the blog for posting about our project developments, and for commenting/reporting interesting news concerning the field that we are currently treating, so you can now add a new entry to your feed reader :)</p>
<p><a href="http://www.honeynet.org/node/502" target="_blank">read more</a></p>
<p>Tags: Botnets, Dorothy, The Italian Honeynet Chapter, visualization, Italian Chapter<br />
Posted Wed, 16 Dec 2009 09:41:58 +0000 by marco.riccardi</p>
<p><strong><a href="http://www.honeynet.org/node/402">A view on Conficker's inside</a></strong></p>
<p>Many people have asked us what Conficker looks like. That's a tough question for something that's hidden and tries to be as stealthy as possible. The last time somebody asked me: "Can you show me Conficker?", I decided to visualize Conficker. Here is <a title="Conficker.C video" href="http://iv.cs.uni-bonn.de/uploads/media/video.avi" target="_blank">a little video that shows the evil core of Conficker.C</a>.</p>
<p><a href="http://www.honeynet.org/node/402" target="_blank">read more</a></p>
<p>Tags: conficker, control flow, dependencies, malware, visualization, Giraffe Chapter<br />
Posted Fri, 24 Apr 2009 16:47:20 +0000 by felix.leder</p>
<p><strong><a href="http://www.honeynet.org/node/346">Picviz 0.5 out</a></strong></p>
<p>The new release 0.5 of Picviz is out. This version comes with real-time mode enabled (and adds the libevent dependency) among other things, such as new properties and variables.</p>
<p>Get it from <a href="http://www.wallinfire.net/picviz">the usual place</a>.</p>
<p><strong>What is Picviz?</strong></p>
<p>When considering log files for security, usual applications available today either look for patterns using signature databases or use a behavioral approach. In both cases, information can be missed. The problem becomes bigger with systems receiving a massive amount of logs.</p>
<p><a href="http://www.honeynet.org/node/346" target="_blank">read more</a></p>
<p>Tags: picviz, visualization, French Chapter<br />
Posted Sun, 25 Jan 2009 13:23:53 +0000 by sebastien.tricaud</p>